"GOT", but the "O" is a cute, smiling pufferfish. Index | Thread | Search

From:
Stefan Sperling <stsp@stsp.name>
Subject:
Re: initial gotd-secrets.conf implementation
To:
Omar Polo <op@omarpolo.com>
Cc:
gameoftrees@openbsd.org
Date:
Sun, 8 Sep 2024 13:52:25 +0200

Download raw body.

Thread
On Sun, Sep 08, 2024 at 10:14:15AM +0200, Omar Polo wrote:
> Yep, that's my plan as well.  I just thought in this case it would have
> been better to improve in-tree.
> 
> For that there are two ways I guess:
> 
>  - using the second field for both data, as in `auth label flan:password` or
>  - adding another field for the password, as in `auth label flan password`
> 
> The latter is probably cleaner.

I agree the second form is better. Could even use keywords to make
it easier to read:

  auth gothubflan user "flan" password "secret"
  auth gothubhacker user "flan" password "secret"
  hmac codeberghook1 "secretfoo"
  hmac codeberghook2 "secretbar"

> > > can improve in tree I believe.
> > 
> > Yes, agreed. Ok by me.
> > 
> > I would prefer to avoid linking secrets.c into gitwrapper, but we
> > can fix that later. This might require running a separate binary
> > to parse the secrets file, or perhaps just moving some mfunctions
> > to different .c files will be enough.
> 
> I have to pull in secrets.c in gitwrapper because I'm using
> gotd_secrets_get() in parse.y that is also pulled in by gitwrapper.
> I could add a dummy implementation of it in gitwrapper to satisfy lld,
> or maybe add a secrets-dummy.c file with only that function in it.
 
Indeed. Maybe just adding the dummy function to gitwrapper.c would work?